package com.aruba.springsecuritystudy.security.service.impl;


import com.aruba.springsecuritystudy.security.service.MyAccessService;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Service;

import javax.servlet.http.HttpServletRequest;
import java.util.Collection;

@Service
public class MyAccessServiceImpl implements MyAccessService {
    @Override
    public boolean hasPermission(HttpServletRequest request, Authentication authentication) {
        // 获取对象
        Object principal = authentication.getPrincipal();
        if (principal instanceof UserDetails) {
            // 转为UserDetails对象
            UserDetails userDetails = (UserDetails) principal;
            // 获取所有权限
            Collection<? extends GrantedAuthority> authorities = userDetails.getAuthorities();
            // 做自己的处理
            return authorities.contains(new SimpleGrantedAuthority("ROLE_admin"));
        }
        return false;
    }
}
